-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - --- english/security/2005/dsa-732.wml 2005-06-03 21:52:56.000000000 +0600 +++ russian/security/2005/dsa-732.wml 2016-09-18 01:22:30.122425118 +0500 @@ -1,44 +1,45 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>"infamous41md" discovered several vulnerabilities in the GNU mailutils - -package which contains utilities for handling mail. These problems - -can lead to a denial of service or the execution of arbitrary code. - -The Common Vulnerabilities and Exposures project identifies the - -following vulnerabilities.</p> +<p>"infamous41md" обнаÑÑжил неÑколÑко ÑÑзвимоÑÑей в пакеÑе mailutils Ð¾Ñ +GNU, коÑоÑÑй ÑодеÑÐ¶Ð¸Ñ ÑÑилиÑÑ Ð´Ð»Ñ ÑабоÑÑ Ñ Ð¿Ð¾ÑÑой. ÐÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ +могÑÑ Ð¿ÑиводиÑÑ Ðº оÑÐºÐ°Ð·Ñ Ð² обÑлÑживании или вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода. +ÐÑÐ¾ÐµÐºÑ Common Vulnerabilities and Exposures опÑеделÑÐµÑ +ÑледÑÑÑие пÑоблемÑ.</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1520">CAN-2005-1520</a> - - <p>Buffer overflow mail header handling may allow a remote attacker - - to execute commands with the privileges of the targeted user.</p> + <p>ÐеÑеполнение бÑÑеÑа пÑи обÑабоÑке поÑÑового заголовка Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ ÑдалÑÐ½Ð½Ð¾Ð¼Ñ + злоÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ Ð²ÑполниÑÑ Ð¿ÑоизволÑнÑе ÐºÐ¾Ð¼Ð°Ð½Ð´Ñ Ñ Ð¿Ñавами Ñелевого полÑзоваÑелÑ.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1521">CAN-2005-1521</a> - - <p>Combined integer and heap overflow in the fetch routine can lead - - to the execution of arbitrary code.</p> + <p>ÐеÑеполнение ÑелÑÑ ÑиÑел и пеÑеполнение динамиÑеÑкой памÑÑи в ÑÑнкÑии fetch могÑÑ Ð¿ÑиводиÑÑ + к вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного кода.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1522">CAN-2005-1522</a> - - <p>Denial of service in the fetch routine.</p> + <p>ÐÑказ в обÑлÑживании в ÑÑнкÑии fetch.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1523">CAN-2005-1523</a> - - <p>Format string vulnerability can lead to the execution of arbitrary - - code.</p> + <p>УÑзвимоÑÑÑ ÑоÑмаÑной ÑÑÑоки Ð¼Ð¾Ð¶ÐµÑ Ð¿ÑиводиÑÑ Ðº вÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ Ð¿ÑоизволÑного + кода.</p> </ul> - -<p>For the stable distribution (woody) these problems have been fixed in - -version 20020409-1woody2.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (woody) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 20020409-1woody2.</p> - -<p>For the testing distribution (sarge) these problems have been fixed in - -version 0.6.1-4.</p> +<p>Ð ÑеÑÑиÑÑемом вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.6.1-4.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 0.6.1-4.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 0.6.1-4.</p> - -<p>We recommend that you upgrade your mailutils packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ mailutils.</p> </define-tag> # do not modify the following line - --- english/security/2005/dsa-789.wml 2005-08-29 21:32:04.000000000 +0600 +++ russian/security/2005/dsa-789.wml 2016-09-18 01:18:33.286766203 +0500 @@ -1,43 +1,44 @@ - -<define-tag description>several vulnerabilities</define-tag> +#use wml::debian::translation-check translation="1.1" maintainer="Lev Lamberov" +<define-tag description>неÑколÑко ÑÑзвимоÑÑей</define-tag> <define-tag moreinfo> - -<p>Several security related problems have been found in PHP4, the - -server-side, HTML-embedded scripting language. The Common - -Vulnerabilities and Exposures project identifies the following - -problems:</p> +<p>Ð PHP4, ÑеÑвеÑном ÑзÑке ÑÑенаÑиев Ñо вÑÑÑоенной поддеÑжкой HTML, бÑло +обнаÑÑжено неÑколÑко ÑвÑзаннÑÑ Ñ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑÑÑ Ð¿Ñоблем. ÐÑÐ¾ÐµÐºÑ Common +Vulnerabilities and Exposures опÑеделÑÐµÑ ÑледÑÑÑие +пÑоблемÑ:</p> <ul> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1751">CAN-2005-1751</a> - - <p>Eric Romang discovered insecure temporary files in the shtool - - utility shipped with PHP that can exploited by a local attacker to - - overwrite arbitrary files. Only this vulnerability affects - - packages in oldstable.</p> + <p>ÐÑик Роман обнаÑÑжил небезопаÑнÑе вÑеменнÑе ÑÐ°Ð¹Ð»Ñ Ð² ÑÑилиÑе shtool, + поÑÑавлÑемой в ÑоÑÑаве PHP, коÑоÑÑе могÑÑ Ð¸ÑполÑзоваÑÑÑÑ Ð»Ð¾ÐºÐ°Ð»ÑнÑм злоÑмÑÑленником + Ð´Ð»Ñ Ð¿ÐµÑезапиÑи пÑоизволÑнÑй Ñайлов. ÐÑа ÑÑзвимоÑÑÑ ÐºÐ°ÑаеÑÑÑ ÑолÑко пакеÑов + из пÑедÑдÑÑего ÑÑабилÑного вÑпÑÑка.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921">CAN-2005-1921</a> - - <p>GulfTech has discovered that PEAR XML_RPC is vulnerable to a - - remote PHP code execution vulnerability that may allow an attacker - - to compromise a vulnerable server.</p> + <p>СоÑÑÑдники GulfTech обнаÑÑжили, ÑÑо PEAR XML_RPC ÑÑзвим к + ÑдалÑÐ½Ð½Ð¾Ð¼Ñ Ð²ÑÐ¿Ð¾Ð»Ð½ÐµÐ½Ð¸Ñ PHP-кода, коÑоÑое Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð·Ð²Ð¾Ð»Ð¸ÑÑ Ð·Ð»Ð¾ÑмÑÑÐ»ÐµÐ½Ð½Ð¸ÐºÑ + компÑомеÑиÑоваÑÑ ÑÑзвимÑй ÑеÑвеÑ.</p> <li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498">CAN-2005-2498</a> - - <p>Stefan Esser discovered another vulnerability in the XML-RPC - - libraries that allows injection of arbitrary PHP code into eval() - - statements.</p> + <p>ШÑеÑан ÐÑÑÐµÑ Ð¾Ð±Ð½Ð°ÑÑжил еÑÑ Ð¾Ð´Ð½Ñ ÑÑзвимоÑÑÑ Ð² библиоÑÐµÐºÐ°Ñ XML-RPC, + коÑоÑÐ°Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÐµÑ Ð²Ð²Ð¾Ð´Ð¸ÑÑ Ð¿ÑоизволÑнÑй PHP-код в ÑÑвеÑÐ¶Ð´ÐµÐ½Ð¸Ñ + eval().</p> </ul> - -<p>For the old stable distribution (woody) these problems have been fixed in - -version 4.1.2-7.woody5.</p> +<p>РпÑедÑдÑÑем ÑÑабилÑном вÑпÑÑке (woody) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.1.2-7.woody5.</p> - -<p>For the stable distribution (sarge) these problems have been fixed in - -version 4.3.10-16.</p> +<p>Ð ÑÑабилÑном вÑпÑÑке (sarge) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.3.10-16.</p> - -<p>For the unstable distribution (sid) these problems have been fixed in - -version 4.4.0-2.</p> +<p>РнеÑÑабилÑном вÑпÑÑке (sid) ÑÑи пÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð±Ñли иÑпÑÐ°Ð²Ð»ÐµÐ½Ñ Ð² +веÑÑии 4.4.0-2.</p> - -<p>We recommend that you upgrade your PHP packages.</p> +<p>РекомендÑеÑÑÑ Ð¾Ð±Ð½Ð¾Ð²Ð¸ÑÑ Ð¿Ð°ÐºÐµÑÑ PHP.</p> </define-tag> # do not modify the following line -----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX3aYIAAoJEF7nbuICFtKljMsP+wXLz0WFyMWiaGa3C7Rf4KVY pGowhcGZq7haGuzNvlboFpx4D4PsG8QchHySObCOqwj56vFlGiFDLWUpi55kCYJw NbRoty7nGbdc5g0+3+OuDTu0vALcoScof6BfzGX8IunZ8qT7uOp308Fy/zHKImc5 SpGHLeZMaeGXAszNdhh+1qRuHJoGwpOqJzfppNKyKNvGqKuMNqrWPg4tKo6dZHuq ycKg9mChvEPBG2bYv2hwcDivCw0wEHtMU2WVAHDrhCN6YFyySmOy6whBl4kU+LF0 X+lmKy9G0/VFPGCBIYPctzeR8Pm2xSjLfmNN51PJBQURlfCkwFBEAfpK59+X0en2 wZsHwl+PzI5oY/wWsYx2pxNTHtPgyOCZQj1WD7Mzj95AIeFM+PR2keHlr+cTvqe4 FEX3Q3Qv9yIKLBzn5kM/ftJxQwQ9FxLi/r0uN/hT2dB85nOJxWO6jJ4WtMSXXEHn zZ+naFYi44zraD1ztx/gQbSr2zaNFw2FZ4phMYNbavTcYIu5Rn+5ePWvCrZQWECw G/4gJJ5a3byiYIqUNnX6Uf9aXcgZT896V6ZFTbfuldee18Yj0Nfbsc3yOe8plDvf C/p1NCciESfpJyxgdMlK57DOT2SHu9yzosV3msUPqf4rkmaJyFl8+kPFR6NNIlFd W6Q4GlUMoc1heM209tDG =zjNj -----END PGP SIGNATURE-----